RAG Data Harvesting
Type: technique
Description: The adversary uses the AI system to query for sensitive data indexed by the RAG. Variants include searching through sensitive information in email, chat and shared documents.
Version: 0.1.0
Created At: 2025-03-04 10:27:40 -0500
Last Modified At: 2025-03-04 10:27:40 -0500
External References
Related Objects
- --> Collection (tactic): An adversary can harvest sensitive data from various systems through RAG queries.
- --> RAG Credential Harvesting (technique): The two techniques are similar apart from their target data and purpose.
- <-- RAG Credential Harvesting (technique): The two techniques are similar apart from their target data and purpose.
- <-- Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information (procedure): Automatically read other emails or documents without a human in the loop.
- <-- Microsoft Copilot Purview Audit Log Evasion and DLP Bypass (procedure): Sensitive documents are harvested without any audit log trail and while bypassing DLP.